package xyx.ysfwpt.controller;

import io.swagger.annotations.*;
import net.sf.json.JSONObject;
import org.apache.commons.codec.binary.Base64;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.multipart.MultipartFile;
import xyx.ysfwpt.model.User;
import xyx.ysfwpt.service.UserService;

import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.File;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.List;

@Controller
@RequestMapping("/ysfwpt")
@Api(tags = {"用户接口"},description = "")
public class UserController {

    @Autowired
    UserService userService;

    @ApiOperation(value = "用户登录",notes = "用户、管理员登录")
    @ApiResponses(value = { @ApiResponse(code = 200, message = "登录成功")})
    @RequestMapping(value="/login",method=RequestMethod.POST)
    @ResponseBody
    public JSONObject login(@ApiParam(value = "用户名",required = true) @RequestParam(value = "username",required = true)String username,
                            @ApiParam(value = "密码",required = true) @RequestParam(value = "password",required = true)String password,
                            @ApiParam(value = "是否自动登录",required = true) @RequestParam(value = "automatic_logon",required = true)String automatic_logon,
                            HttpServletRequest request, HttpServletResponse response){
        JSONObject jsonObject = new JSONObject();
        User user = userService.selectUserByName(username);
        if(user == null){
            jsonObject.put("result", 1); //该用户未注册
        }
        else{
            //先判断账号是否冻结，再判断账号是否锁定
            if(user.getIslock() == 2){
                jsonObject.put("result", 3); //账号已冻结
            }
            else if(user.getIslock2() == 0){
                jsonObject.put("result", 4); //账号已锁定
            }
            else if(user.getState() == 4){
                jsonObject.put("result", 5); //账号未认证
            }
            else if(user.getState() == 5){
                jsonObject.put("result", 6); //账号认证失败
            }
            else{
                //账号状态无异常（冻结、锁定）
                //密码错误
                if(!user.getPassword().equals(password)){
                    //如果islock2 = -1，说明该账号是第一次密码输入错误，islock2置为1
                    if(user.getIslock2() == -1){
                        userService.updateIsLock2(user.getJob_number(),1,"");
                        jsonObject.put("result", 2); //用户名或密码错误
                    }
                    //如果islock2 = 3，说明该账号是第四次密码输入错误，账号锁定
                    else if(user.getIslock2() == 3){
                        SimpleDateFormat df = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");//设置日期格式
                        userService.updateIsLock2(user.getJob_number(),0,df.format(new Date()));
                        jsonObject.put("result", 4); //账号已锁定
                    }
                    else{
                        userService.updateIsLock2(user.getJob_number(),user.getIslock2() + 1,"");
                        jsonObject.put("result", 2); //用户名或密码错误
                    }
                }
                //密码正确
                else{
                    //密码正确时，islock重置为-1，locktime重置为“”
                    userService.updateIsLock2(user.getJob_number(),-1,"");

                    //将当前登录的用户名、密码存入cookie
                    if(automatic_logon.equals("yes")){
                        String value = username+":"+password;
                        //对“用户名：密码”进行加密，加密后数据格式为byte[]
                        byte[] base64 = Base64.encodeBase64(value.getBytes());
                        //将数据格式转换为String
                        String cookievalue = new String(base64);
                        //存入cookie，保存时间为10天
                        Cookie userCookie = new Cookie("userCookie",cookievalue);
                        userCookie.setMaxAge(10*24*60*60);
                        response.addCookie(userCookie);
                    }
                    if(automatic_logon.equals("no")){
                        //如果用户没有勾选保存密码，在cookie中存入一个数据为空，保存时间为0的cookie
                        Cookie userCookie = new Cookie("userCookie",null);
                        userCookie.setMaxAge(0);
                        response.addCookie(userCookie);
                    }

                    //将当前登录的用户名存入session
                    HttpSession session = request.getSession();
                    session.setAttribute("realname",user.getRealname());

                    jsonObject.put("result", 0); //登录成功
                }
            }
        }
        return jsonObject;
    }

    @ApiOperation(value = "忘记密码",notes = "验证用户收到的验证码是否正确")
    @RequestMapping(value="/conformVcode",method=RequestMethod.POST)
    @ResponseBody
    public JSONObject conformVcode(@ApiParam(value = "验证码",required = true) @RequestParam(value = "vcode",required = true)String vcode,
                                   @ApiParam(value = "验证码（cookie，base64加密）",required = true) @RequestParam(value = "vcodeCookie",required = true)String vcodeCookie) {
        JSONObject jsonObject = new JSONObject();
        //对用户输入的验证码进行base64加密
        byte[] base64 = Base64.encodeBase64(vcode.getBytes());
        String vcode2 = new String(base64);
        if(vcode2.equals(vcodeCookie)){
            jsonObject.put("result","correct");
        }
        else{
            jsonObject.put("result","error");
        }
        return jsonObject;
    }

    @ApiOperation(value = "用户管理",notes = "查询所有用户")
    @ApiResponses(value = { @ApiResponse(code = 200, message = "查询成功")})
    @RequestMapping(value="/selectAllUser",method=RequestMethod.POST)
    @ResponseBody
    public JSONObject selectAllUser(){
        JSONObject jsonObject = new JSONObject();
        List list = userService.selectAllUser();
        jsonObject.put("list",list);
        return jsonObject;
    }

    @ApiOperation(value = "用户管理",notes = "根据工号查询对应用户信息")
    @ApiResponses(value = { @ApiResponse(code = 200, message = "登录成功")})
    @RequestMapping(value="/selectUserByJobNumber",method=RequestMethod.POST)
    @ResponseBody
    public JSONObject selectUserByJobNumber(@ApiParam(value = "工号",required = true) @RequestParam(value = "job_number",required = true)int job_number) {
        JSONObject jsonObject = new JSONObject();
        User user = userService.selectUserByJobNumber(job_number);
        if(user != null){
            jsonObject.put("user",user);
        }
        else{
            jsonObject.put("user",0);
        }
        return jsonObject;
    }

    @ApiOperation(value = "用户管理",notes = "查询当前用户名下的用户账号信息")
    @ApiResponses(value = { @ApiResponse(code = 200, message = "查询成功")})
    @RequestMapping(value="/selectByDirector",method=RequestMethod.POST)
    @ResponseBody
    public JSONObject selectByDirector(@ApiParam(value = "工号",required = true) @RequestParam(value = "job_number",required = true)int job_number){
        JSONObject jsonObject = new JSONObject();
        List list = userService.selectUserByDirector(job_number);
        jsonObject.put("list",list);
        return jsonObject;
    }

    @ApiOperation(value = "用户管理",notes = "根据科室/临床职称/教学职称/类型/来源查询当前用户名下的用户账号信息")
    @ApiResponses(value = { @ApiResponse(code = 200, message = "查询成功")})
    @RequestMapping(value="/selectUserByInputList",method=RequestMethod.POST)
    @ResponseBody
    public JSONObject selectUserByInputList(@ApiParam(value = "工号",required = true) @RequestParam(value = "job_number",required = true)int job_number,
                                            @ApiParam(value = "权限",required = false) @RequestParam(value = "user_type",required = false)String user_type,
                                            @ApiParam(value = "科室",required = false) @RequestParam(value = "department",required = false)String department,
                                            @ApiParam(value = "临床职称",required = false) @RequestParam(value = "clinical_title",required = false)String clinical_title,
                                            @ApiParam(value = "教学职称",required = false) @RequestParam(value = "teaching_title",required = false)String teaching_title,
                                            @ApiParam(value = "类型",required = false) @RequestParam(value = "type",required = false)String type,
                                            @ApiParam(value = "来源",required = false) @RequestParam(value = "source",required = false)String source,
                                            @ApiParam(value = "状态",required = false) @RequestParam(value = "state",required = false)Integer state,
                                            @ApiParam(value = "姓名/联系方式",required = false) @RequestParam(value = "searchword",required = false)String searchword){
        JSONObject jsonObject = new JSONObject();
        List list = userService.selectUserByInputList(department,clinical_title,teaching_title,type,source,state,searchword,job_number,user_type,"","",1);
        jsonObject.put("list",list);
        return jsonObject;
    }

    @ApiOperation(value = "认证管理",notes = "根据科室/临床职称/教学职称/类型/来源/注册时间查询当前用户名下的用户账号信息")
    @ApiResponses(value = { @ApiResponse(code = 200, message = "查询成功")})
    @RequestMapping(value="/selectUserByInputList2",method=RequestMethod.POST)
    @ResponseBody
    public JSONObject selectUserByInputList2(@ApiParam(value = "工号",required = true) @RequestParam(value = "job_number",required = true)int job_number,
                                             @ApiParam(value = "权限",required = false) @RequestParam(value = "user_type",required = false)String user_type,
                                             @ApiParam(value = "科室",required = false) @RequestParam(value = "department",required = false)String department,
                                             @ApiParam(value = "临床职称",required = false) @RequestParam(value = "clinical_title",required = false)String clinical_title,
                                             @ApiParam(value = "教学职称",required = false) @RequestParam(value = "teaching_title",required = false)String teaching_title,
                                             @ApiParam(value = "类型",required = false) @RequestParam(value = "type",required = false)String type,
                                             @ApiParam(value = "来源",required = false) @RequestParam(value = "source",required = false)String source,
                                             @ApiParam(value = "状态",required = false) @RequestParam(value = "state",required = false)Integer state,
                                             @ApiParam(value = "开始时间",required = false) @RequestParam(value = "timefrom",required = false)String timefrom,
                                             @ApiParam(value = "结束时间",required = false) @RequestParam(value = "timeto",required = false)String timeto,
                                             @ApiParam(value = "姓名/联系方式",required = false) @RequestParam(value = "searchword",required = false)String searchword){
        JSONObject jsonObject = new JSONObject();
        jsonObject.put("timefrom",timefrom);
        jsonObject.put("timeto",timeto);
        List list = userService.selectUserByInputList(department,clinical_title,teaching_title,type,source,state,searchword,job_number,user_type,timefrom,timeto,2);
        jsonObject.put("list",list);
        return jsonObject;
    }

    @ApiOperation(value = "解除锁定账号",notes = "查询被锁定账号列表")
    @ApiResponses(value = { @ApiResponse(code = 200, message = "查询成功")})
    @RequestMapping(value="/selectIsLock2",method=RequestMethod.POST)
    @ResponseBody
    public JSONObject selectIsLock2(@ApiParam(value = "是否被锁定",required = false) @RequestParam(value = "islock2",required = false)Integer islock2){
        JSONObject jsonObject = new JSONObject();
        List list = userService.selectIsLock2(islock2);
        jsonObject.put("list",list);
        return jsonObject;
    }

    @ApiOperation(value = "解除锁定账号",notes = "修改账号锁定状态")
    @ApiResponses(value = { @ApiResponse(code = 200, message = "查询成功")})
    @RequestMapping(value="/updateIsLock2",method=RequestMethod.POST)
    @ResponseBody
    public JSONObject updateIsLock2(@ApiParam(value = "工号",required = true) @RequestParam(value = "job_number",required = true)int job_number,
                                    @ApiParam(value = "是否被锁定",required = true) @RequestParam(value = "islock2",required = true)Integer islock2){
        JSONObject jsonObject = new JSONObject();
        userService.updateIsLock2(job_number,islock2,"");
        return jsonObject;
    }

    @ApiOperation(value = "用户信息",notes = "根据用户名查询该用户的个人资料")
    @ApiResponses(value = { @ApiResponse(code = 200, message = "查询成功")})
    @RequestMapping(value="/selectUserInfoByName",method=RequestMethod.POST)
    @ResponseBody
    public JSONObject selectUserInfoByName(@ApiParam(value = "用户名",required = true) @RequestParam(value = "username",required = true)String username){
        JSONObject jsonObject = new JSONObject();
        User user = userService.selectUserByName(username);
        jsonObject.put("user",user);
        return jsonObject;
    }

    @ApiOperation(value = "新增用户",notes = "管理员新增用户账号")
    @ApiResponses(value = { @ApiResponse(code = 200, message = "修改成功")})
    @RequestMapping(value="/addUser",method=RequestMethod.POST)
    @ResponseBody
    public JSONObject addUser(@ApiParam(value = "头像文件",required = false) @RequestParam(value = "add_file", required = false) MultipartFile file,
                              @ApiParam(value = "用户名",required = true) @RequestParam(value = "add_username", required = true)String username,
                              @ApiParam(value = "密码",required = true) @RequestParam(value = "add_password", required = true)String password,
                              @ApiParam(value = "姓名",required = true) @RequestParam(value = "add_realname", required = true)String realname,
                              @ApiParam(value = "性别",required = true) @RequestParam(value = "add_sex", required = true)String sex,
                              @ApiParam(value = "身份证号",required = false) @RequestParam(value = "add_idcard", required = false)String idcard,
                              @ApiParam(value = "联系方式",required = true) @RequestParam(value = "add_phonumber", required = true)String phonumber,
                              @ApiParam(value = "类型",required = true) @RequestParam(value = "add_type", required = true)String type,
                              @ApiParam(value = "来源",required = true) @RequestParam(value = "add_source", required = true)String source,
                              @ApiParam(value = "所属科室",required = true) @RequestParam(value = "add_department", required = true)String department,
                              @ApiParam(value = "临床职称",required = false) @RequestParam(value = "add_clinical_title", required = false)String clinical_title,
                              @ApiParam(value = "教学职称",required = false) @RequestParam(value = "add_teaching_title", required = false)String teaching_title,
                              @ApiParam(value = "工号",required = true) @RequestParam(value = "add_job_number", required = true)int job_number,
                              @ApiParam(value = "上级负责人",required = true) @RequestParam(value = "add_director", required = true)int director,
                              @ApiParam(value = "擅长内容",required = false) @RequestParam(value = "add_goodat", required = false)String goodat,
                              @ApiParam(value = "个人简介",required = false) @RequestParam(value = "add_description", required = false)String description,
                              @ApiParam(value = "状态",required = true) @RequestParam(value = "add_state", required = true)String state,
                              HttpServletRequest request, HttpServletResponse response){
        JSONObject jsonObject = new JSONObject();
        if(userService.selectUserByName(username) != null) {
            jsonObject.put("result", 1); //该用户名已存在
        }
        else if(userService.selectUserByJobNumber(job_number) != null) {
            jsonObject.put("result", 2); //该工号已存在
        }
        else{
            User user = new User();
            user.setUsername(username);
            user.setPassword(password);
            user.setRealname(realname);
            user.setSex(sex);
            user.setIdcard(idcard);
            user.setPhonumber(phonumber);
            user.setType(type);
            user.setSource(source);
            user.setDepartment(department);
            user.setClinical_title(clinical_title);
            user.setTeaching_title(teaching_title);
            user.setJob_number(job_number);
            user.setDirector(director);
            user.setGoodat(goodat);
            user.setDescription(description);
            user.setState(4); //管理员后台添加新用户，用户状态默认为4：未认证
            SimpleDateFormat sd = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss"); //创建时间
            String time = sd.format(new Date());
            user.setCreatetime(time);
            userService.addUser(user);

            updatePhoto(username,file,job_number,request);

            jsonObject.put("result", 0); //注册成功
            jsonObject.put("user",user);
        }
        return jsonObject;
    }

    @ApiOperation(value = "普通用户个人资料更新",notes = "修改用户个人资料(仅可修改联系方式和个人简介)")
    @ApiResponses(value = { @ApiResponse(code = 200, message = "修改成功")})
    @RequestMapping(value="/updateUserInfo",method=RequestMethod.POST)
    @ResponseBody
    public JSONObject updateUserInfo(@ApiParam(value = "头像文件",required = false) @RequestParam(value = "file", required = false) MultipartFile file,
                                     @ApiParam(value = "工号",required = true) @RequestParam(value = "job_number", required = true)int job_number,
                                     @ApiParam(value = "姓名",required = true) @RequestParam(value = "realname", required = true)String realname,
                                     @ApiParam(value = "性别",required = true) @RequestParam(value = "sex", required = true)String sex,
                                     @ApiParam(value = "用户名",required = true) @RequestParam(value = "username", required = true)String username,
                                     @ApiParam(value = "联系方式",required = true) @RequestParam(value = "phonumber", required = true)String phonumber,
                                     @ApiParam(value = "所属科室",required = true) @RequestParam(value = "department", required = true)String department,
                                     @ApiParam(value = "临床职称",required = false) @RequestParam(value = "clinical_title", required = false)String clinical_title,
                                     @ApiParam(value = "个人简介",required = false) @RequestParam(value = "description", required = false)String description,
                                     HttpServletRequest request, HttpServletResponse response){
        JSONObject jsonObject = new JSONObject();
        User user = new User();
        user.setJob_number(job_number);
        user.setPhonumber(phonumber);
        user.setDescription(description);
        userService.updateUser(user);

        updatePhoto(username,file,job_number,request);

        jsonObject.put("user",user);
        return jsonObject;
    }

    @ApiOperation(value = "普通用户个人资料更新",notes = "管理员修改用户个人资料")
    @ApiResponses(value = { @ApiResponse(code = 200, message = "修改成功")})
    @RequestMapping(value="/updateUserInfo2",method=RequestMethod.POST)
    @ResponseBody
    public JSONObject updateUserInfo2(@ApiParam(value = "头像文件",required = false) @RequestParam(value = "update_file", required = false) MultipartFile file,
                                      @ApiParam(value = "工号",required = true) @RequestParam(value = "update_job_number", required = true)int job_number,
                                      @ApiParam(value = "用户名",required = true) @RequestParam(value = "update_username", required = true)String username,
                                      @ApiParam(value = "联系方式",required = true) @RequestParam(value = "update_phonumber", required = true)String phonumber,
                                      @ApiParam(value = "姓名",required = true) @RequestParam(value = "update_realname", required = true)String realname,
                                      @ApiParam(value = "性别",required = true) @RequestParam(value = "update_sex", required = true)String sex,
                                      @ApiParam(value = "身份证号",required = true) @RequestParam(value = "update_idcard", required = true)String idcard,
                                      @ApiParam(value = "类型",required = true) @RequestParam(value = "update_type", required = true)String type,
                                      @ApiParam(value = "所属科室",required = true) @RequestParam(value = "update_department", required = true)String department,
                                      @ApiParam(value = "上级负责人",required = true) @RequestParam(value = "update_director", required = true)int director,
                                      @ApiParam(value = "状态",required = true) @RequestParam(value = "update_state", required = true)Integer state,
                                      @ApiParam(value = "临床职称",required = false) @RequestParam(value = "update_clinical_title", required = false)String clinical_title,
                                      @ApiParam(value = "教学职称",required = false) @RequestParam(value = "update_teaching_title", required = false)String teaching_title,
                                      @ApiParam(value = "擅长内容",required = false) @RequestParam(value = "update_goodat", required = false)String goodat,
                                      @ApiParam(value = "个人简介",required = false) @RequestParam(value = "update_description", required = false)String description,
                                      HttpServletRequest request, HttpServletResponse response){
        JSONObject jsonObject = new JSONObject();
        User user = new User();
        user.setJob_number(job_number);
        user.setUsername(username);
        user.setPhonumber(phonumber);
        user.setRealname(realname);
        user.setSex(sex);
        user.setIdcard(idcard);
        user.setType(type);
        user.setDepartment(department);
        user.setDirector(director);
        user.setState(state);
        user.setClinical_title(clinical_title);
        user.setTeaching_title(teaching_title);
        user.setGoodat(goodat);
        user.setDescription(description);
        userService.updateUser2(user);

        updatePhoto(username,file,job_number,request);

        jsonObject.put("user",user);
        return jsonObject;
    }

    @ApiOperation(value = "修改密码",notes = "修改用户登录密码")
    @ApiResponses(value = { @ApiResponse(code = 200, message = "修改成功")})
    @RequestMapping(value="/updatePSW",method=RequestMethod.POST)
    @ResponseBody
    public JSONObject updatePSW(@ApiParam(value = "工号",required = true) @RequestParam(value = "job_number", required = true)int job_number,
                                @ApiParam(value = "密码",required = true) @RequestParam(value = "password_new2", required = true)String password){
        JSONObject jsonObject = new JSONObject();
        userService.updateUserPSW(job_number,password);
        return jsonObject;
    }

    @ApiOperation(value = "修改科室",notes = "修改用户科室信息（批量修改）")
    @ApiResponses(value = { @ApiResponse(code = 200, message = "修改成功")})
    @RequestMapping(value="/updateDepartment",method=RequestMethod.POST)
    @ResponseBody
    public JSONObject updateDepartment(@ApiParam(value = "工号",required = true) @RequestParam(value = "job_number", required = true)int job_number,
                                       @ApiParam(value = "科室",required = true) @RequestParam(value = "department", required = true)String department,
                                       @ApiParam(value = "科室负责人",required = true) @RequestParam(value = "director", required = true)int director){
        JSONObject jsonObject = new JSONObject();
        userService.updateDepartment(job_number,department,director);
        return jsonObject;
    }

    @ApiOperation(value = "修改状态",notes = "修改用户状态（已认证，未认证，认证失败）")
    @ApiResponses(value = { @ApiResponse(code = 200, message = "修改成功")})
    @RequestMapping(value="/updateState",method=RequestMethod.POST)
    @ResponseBody
    public JSONObject updateState(@ApiParam(value = "工号",required = true) @RequestParam(value = "job_number", required = true)int job_number,
                                  @ApiParam(value = "状态",required = true) @RequestParam(value = "state", required = true)Integer state){
        JSONObject jsonObject = new JSONObject();
        userService.updateState(job_number,state);
        return jsonObject;
    }

    @ApiOperation(value = "修改状态",notes = "修改用户状态（已冻结）")
    @ApiResponses(value = { @ApiResponse(code = 200, message = "修改成功")})
    @RequestMapping(value="/updateIslock",method=RequestMethod.POST)
    @ResponseBody
    public JSONObject updateIslock(@ApiParam(value = "工号",required = true) @RequestParam(value = "job_number", required = true)int job_number,
                                 @ApiParam(value = "冻结",required = true) @RequestParam(value = "islock", required = true)Integer islock){
        JSONObject jsonObject = new JSONObject();
        userService.updateIslock(job_number,islock);
        return jsonObject;
    }

    @ApiOperation(value = "删除用户",notes = "根据用户的工号删除用户")
    @ApiResponses(value = { @ApiResponse(code = 200, message = "删除成功")})
    @RequestMapping(value="/deleteUser",method=RequestMethod.POST)
    @ResponseBody
    public JSONObject deleteUser(@ApiParam(value = "工号",required = true) @RequestParam(value = "job_number", required = true)int job_number){
        JSONObject jsonObject = new JSONObject();
        userService.deleteUser(job_number);
        return jsonObject;
    }

    @ApiOperation(value = "数据处理",notes = "处理cookie")
    @ApiResponses(value = { @ApiResponse(code = 200, message = "处理成功")})
    @RequestMapping(value="/userCookie",method=RequestMethod.POST)
    @ResponseBody
    public JSONObject userCookie(@ApiParam(value = "用户Cookie",required = true) @RequestParam(value = "userCookie",required = true)String userCookie) {
        JSONObject jsonObject = new JSONObject();
        //对cookie中的数据进行解密，解密后格式为byte[]
        byte[] base64 = Base64.decodeBase64(userCookie.getBytes());
        //将数据格式转换为String
        String value = new String(base64);
        //数据格式为“用户名：密码”，根据“：”进行拆分
        String username = value.split(":")[0];
        String password = value.split(":")[1];
        jsonObject.put("username",username);
        jsonObject.put("password",password);
        return jsonObject;
    }

    //将头像保存功能提取为函数
    private static final String USERPHOTO_DIRECTORY = "pic\\userphoto";
    private void updatePhoto(String username,MultipartFile file,int job_number,HttpServletRequest request){
        JSONObject jsonObject = new JSONObject();
        //判断文件是否为空
        if(file == null || file.getSize() == 0){
			/*
			file == null			用于在swagger2传值判断头像是否为空
			file.getSize() == 0 	用于在formdata传值时判断头像是否为空
			*/
        }
        else{
            //本地上传头像名称
            String imgName = file.getOriginalFilename();
            //本地头像后缀
            String suffix = imgName.substring(imgName.lastIndexOf(".") + 1);
            //本地头像文件名
            SimpleDateFormat df = new SimpleDateFormat("yyyyMMddHHmmss");//设置日期格式
            String date = df.format(new Date());// new Date()为获取当前系统时间，也可使用当前时间戳
            //数据库保存路径
            String imgurl = File.separator + USERPHOTO_DIRECTORY + File.separator + date + "." + suffix;
            //父文件夹路径  D:\\MyProjectTest\\znccglpt\\智能仓储管理平台\\target\\智能仓储管理平台\\picture\\userphoto
            String parentPath = request.getSession().getServletContext().getRealPath("./") + USERPHOTO_DIRECTORY;
            //完整路径
            String filePath = new String();

            // 如果目录不存在则创建
            File uploadDir = new File(parentPath);
            if (!uploadDir.exists()) {
                uploadDir.mkdir();
            }

            //保存头像至本地
            try {
                //文件的完整保存路径  D:\\MyProjectTest\\znccglpt\\智能仓储管理平台\\target\\智能仓储管理平台\\picture\\userphoto\\userphoto1.gif
                filePath = request.getSession().getServletContext().getRealPath("/") + USERPHOTO_DIRECTORY + File.separator + date + "." + suffix;
                //转存文件
                file.transferTo(new File(filePath));

				/*
				对传过来的job_number进行判断
				若job_number为-1，说明此job_number不存在，需要重新获取新添加用户的job_number并保存头像至该新用户资料中
				若job_number不为-1，说明此job_number存在，则直接保存头像至此job_number的用户资料中
				 */
                if(job_number == -1){
                    //获取新增用户的job_number
                    job_number = userService.selectUserByName(username).getJob_number();
                    userService.updateUserPhoto(job_number,imgurl);
                }
                else{
                    userService.updateUserPhoto(job_number,imgurl);
                }

            } catch (Exception e) {
                e.printStackTrace();
            }

            jsonObject.put("imgurl",imgurl); //数据库保存路径
            jsonObject.put("parentPath",parentPath); //父文件夹路径
            jsonObject.put("filePath",filePath); //本地完整保存路径
        }
    }
}